void sspi_CopyAuthIdentity(SEC_WINNT_AUTH_IDENTITY* identity, SEC_WINNT_AUTH_IDENTITY* srcIdentity)
{
if (identity->Flags == SEC_WINNT_AUTH_IDENTITY_ANSI)
{
sspi_SetAuthIdentity(identity, (char*) srcIdentity->User,
(char*) srcIdentity->Domain, (char*) srcIdentity->Password);
identity->Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
return;
}
identity->Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
identity->UserLength = srcIdentity->UserLength;
identity->User = (UINT16*) malloc(identity->UserLength * sizeof(WCHAR));
CopyMemory(identity->User, srcIdentity->User, identity->UserLength * sizeof(WCHAR));
identity->DomainLength = srcIdentity->DomainLength;
identity->Domain = (UINT16*) malloc(identity->DomainLength * sizeof(WCHAR));
CopyMemory(identity->Domain, srcIdentity->Domain, identity->DomainLength * sizeof(WCHAR));
identity->PasswordLength = srcIdentity->PasswordLength;
identity->Password = (UINT16*) malloc(identity->PasswordLength * sizeof(WCHAR));
CopyMemory(identity->Password, srcIdentity->Password, identity->PasswordLength * sizeof(WCHAR));
}
BOOL ntlm_client_init(rdpNtlm* ntlm, BOOL http, LPCTSTR user, LPCTSTR domain, LPCTSTR password,
SecPkgContext_Bindings* Bindings)
{
SECURITY_STATUS status;
ntlm->http = http;
ntlm->Bindings = Bindings;
ntlm->table = InitSecurityInterfaceEx(0);
if (!ntlm->table)
return FALSE;
sspi_SetAuthIdentity(&(ntlm->identity), user, domain, password);
status = ntlm->table->QuerySecurityPackageInfo(NTLM_SSP_NAME, &ntlm->pPackageInfo);
if (status != SEC_E_OK)
{
WLog_ERR(TAG, "QuerySecurityPackageInfo status %s [0x%08"PRIX32"]",
GetSecurityStatusString(status), status);
return FALSE;
}
ntlm->cbMaxToken = ntlm->pPackageInfo->cbMaxToken;
status = ntlm->table->AcquireCredentialsHandle(NULL, NTLM_SSP_NAME,
SECPKG_CRED_OUTBOUND, NULL, &ntlm->identity, NULL, NULL,
&ntlm->credentials, &ntlm->expiration);
if (status != SEC_E_OK)
{
WLog_ERR(TAG, "AcquireCredentialsHandle status %s [0x%08"PRIX32"]",
GetSecurityStatusString(status), status);
return FALSE;
}
ntlm->haveContext = FALSE;
ntlm->haveInputBuffer = FALSE;
ZeroMemory(&ntlm->inputBuffer, sizeof(SecBuffer));
ZeroMemory(&ntlm->outputBuffer, sizeof(SecBuffer));
ZeroMemory(&ntlm->ContextSizes, sizeof(SecPkgContext_Sizes));
ntlm->fContextReq = 0;
if (ntlm->http)
{
/* flags for HTTP authentication */
ntlm->fContextReq |= ISC_REQ_CONFIDENTIALITY;
}
else
{
/**
* flags for RPC authentication:
* RPC_C_AUTHN_LEVEL_PKT_INTEGRITY:
* ISC_REQ_USE_DCE_STYLE | ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH |
* ISC_REQ_REPLAY_DETECT | ISC_REQ_SEQUENCE_DETECT
*/
ntlm->fContextReq |= ISC_REQ_USE_DCE_STYLE;
ntlm->fContextReq |= ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH;
ntlm->fContextReq |= ISC_REQ_REPLAY_DETECT | ISC_REQ_SEQUENCE_DETECT;
}
return TRUE;
}
int credssp_ntlm_client_init(rdpCredssp* credssp)
{
char* spn;
int length;
freerdp* instance;
rdpSettings* settings;
settings = credssp->settings;
instance = (freerdp*) settings->instance;
if ((settings->Password == NULL) || (settings->Username == NULL))
{
if (instance->Authenticate)
{
BOOL proceed = instance->Authenticate(instance,
&settings->Username, &settings->Password, &settings->Domain);
if (!proceed)
return 0;
}
}
sspi_SetAuthIdentity(&(credssp->identity), settings->Username, settings->Domain, settings->Password);
#ifdef WITH_DEBUG_NLA
_tprintf(_T("User: %s Domain: %s Password: %s\n"),
(char*) credssp->identity.User, (char*) credssp->identity.Domain, (char*) credssp->identity.Password);
#endif
sspi_SecBufferAlloc(&credssp->PublicKey, credssp->transport->TlsIn->PublicKeyLength);
CopyMemory(credssp->PublicKey.pvBuffer, credssp->transport->TlsIn->PublicKey, credssp->transport->TlsIn->PublicKeyLength);
length = sizeof(TERMSRV_SPN_PREFIX) + strlen(settings->ServerHostname);
spn = (SEC_CHAR*) malloc(length + 1);
sprintf(spn, "%s%s", TERMSRV_SPN_PREFIX, settings->ServerHostname);
#ifdef UNICODE
credssp->ServicePrincipalName = (LPTSTR) malloc(length * 2 + 2);
MultiByteToWideChar(CP_UTF8, 0, spn, length,
(LPWSTR) credssp->ServicePrincipalName, length);
free(spn);
#else
credssp->ServicePrincipalName = spn;
#endif
return 1;
}
BOOL ntlm_client_init(rdpNtlm* ntlm, BOOL http, char* user, char* domain, char* password, SecPkgContext_Bindings* Bindings)
{
SECURITY_STATUS status;
sspi_GlobalInit();
ntlm->http = http;
ntlm->Bindings = Bindings;
#ifdef WITH_NATIVE_SSPI
{
HMODULE hSSPI;
INIT_SECURITY_INTERFACE InitSecurityInterface;
PSecurityFunctionTable pSecurityInterface = NULL;
hSSPI = LoadLibrary(_T("secur32.dll"));
#ifdef UNICODE
InitSecurityInterface = (INIT_SECURITY_INTERFACE) GetProcAddress(hSSPI, "InitSecurityInterfaceW");
#else
InitSecurityInterface = (INIT_SECURITY_INTERFACE) GetProcAddress(hSSPI, "InitSecurityInterfaceA");
#endif
ntlm->table = (*InitSecurityInterface)();
}
#else
ntlm->table = InitSecurityInterface();
#endif
sspi_SetAuthIdentity(&(ntlm->identity), user, domain, password);
status = ntlm->table->QuerySecurityPackageInfo(NTLMSP_NAME, &ntlm->pPackageInfo);
if (status != SEC_E_OK)
{
DEBUG_WARN( "QuerySecurityPackageInfo status: 0x%08X\n", status);
return FALSE;
}
ntlm->cbMaxToken = ntlm->pPackageInfo->cbMaxToken;
status = ntlm->table->AcquireCredentialsHandle(NULL, NTLMSP_NAME,
SECPKG_CRED_OUTBOUND, NULL, &ntlm->identity, NULL, NULL, &ntlm->credentials, &ntlm->expiration);
if (status != SEC_E_OK)
{
DEBUG_WARN( "AcquireCredentialsHandle status: 0x%08X\n", status);
return FALSE;
}
ntlm->haveContext = FALSE;
ntlm->haveInputBuffer = FALSE;
ZeroMemory(&ntlm->inputBuffer, sizeof(SecBuffer));
ZeroMemory(&ntlm->outputBuffer, sizeof(SecBuffer));
ZeroMemory(&ntlm->ContextSizes, sizeof(SecPkgContext_Sizes));
ntlm->fContextReq = 0;
if (ntlm->http)
{
/* flags for HTTP authentication */
ntlm->fContextReq |= ISC_REQ_CONFIDENTIALITY;
}
else
{
/**
* flags for RPC authentication:
* RPC_C_AUTHN_LEVEL_PKT_INTEGRITY:
* ISC_REQ_USE_DCE_STYLE | ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH |
* ISC_REQ_REPLAY_DETECT | ISC_REQ_SEQUENCE_DETECT
*/
ntlm->fContextReq |= ISC_REQ_USE_DCE_STYLE;
ntlm->fContextReq |= ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH;
ntlm->fContextReq |= ISC_REQ_REPLAY_DETECT | ISC_REQ_SEQUENCE_DETECT;
}
return TRUE;
}
int nla_client_init(rdpNla* nla)
{
char* spn;
int length;
rdpTls* tls = NULL;
BOOL PromptPassword = FALSE;
freerdp* instance = nla->instance;
rdpSettings* settings = nla->settings;
WINPR_SAM* sam;
WINPR_SAM_ENTRY* entry;
nla->state = NLA_STATE_INITIAL;
if (settings->RestrictedAdminModeRequired)
settings->DisableCredentialsDelegation = TRUE;
if ((!settings->Password) || (!settings->Username)
|| (!strlen(settings->Username)))
{
PromptPassword = TRUE;
}
if (PromptPassword && settings->Username && strlen(settings->Username))
{
sam = SamOpen(TRUE);
if (sam)
{
entry = SamLookupUserA(sam, settings->Username, strlen(settings->Username), NULL, 0);
if (entry)
{
/**
* The user could be found in SAM database.
* Use entry in SAM database later instead of prompt
*/
PromptPassword = FALSE;
SamFreeEntry(sam, entry);
}
SamClose(sam);
}
}
#ifndef _WIN32
if (PromptPassword)
{
if (settings->RestrictedAdminModeRequired)
{
if ((settings->PasswordHash) && (strlen(settings->PasswordHash) > 0))
PromptPassword = FALSE;
}
}
#endif
if (PromptPassword)
{
if (instance->Authenticate)
{
BOOL proceed = instance->Authenticate(instance,
&settings->Username, &settings->Password, &settings->Domain);
if (!proceed)
{
freerdp_set_last_error(instance->context, FREERDP_ERROR_CONNECT_CANCELLED);
return 0;
}
}
}
if (!settings->Username)
{
nla_identity_free(nla->identity);
nla->identity = NULL;
}
else
sspi_SetAuthIdentity(nla->identity, settings->Username, settings->Domain,
settings->Password);
#ifndef _WIN32
{
SEC_WINNT_AUTH_IDENTITY* identity = nla->identity;
if (!identity)
{
WLog_ERR(TAG, "NLA identity=%p", identity);
return -1;
}
if (settings->RestrictedAdminModeRequired)
{
if (settings->PasswordHash)
{
if (strlen(settings->PasswordHash) == 32)
{
free(identity->Password);
identity->PasswordLength = ConvertToUnicode(CP_UTF8, 0,
settings->PasswordHash, -1, &identity->Password, 0) - 1;
/**
* Multiply password hash length by 64 to obtain a length exceeding
* the maximum (256) and use it this for hash identification in WinPR.
*/
identity->PasswordLength = 32 * 64; /* 2048 */
}
}
}
}
#endif
tls = nla->transport->tls;
if (!tls)
{
WLog_ERR(TAG, "Unknown NLA transport layer");
return -1;
}
if (!sspi_SecBufferAlloc(&nla->PublicKey, tls->PublicKeyLength))
{
WLog_ERR(TAG, "Failed to allocate sspic secBuffer");
return -1;
}
CopyMemory(nla->PublicKey.pvBuffer, tls->PublicKey, tls->PublicKeyLength);
length = sizeof(TERMSRV_SPN_PREFIX) + strlen(settings->ServerHostname);
spn = (SEC_CHAR*) malloc(length + 1);
if (!spn)
return -1;
sprintf(spn, "%s%s", TERMSRV_SPN_PREFIX, settings->ServerHostname);
#ifdef UNICODE
nla->ServicePrincipalName = NULL;
ConvertToUnicode(CP_UTF8, 0, spn, -1, &nla->ServicePrincipalName, 0);
free(spn);
#else
nla->ServicePrincipalName = spn;
#endif
nla->table = InitSecurityInterfaceEx(0);
nla->status = nla->table->QuerySecurityPackageInfo(NLA_PKG_NAME, &nla->pPackageInfo);
if (nla->status != SEC_E_OK)
{
WLog_ERR(TAG, "QuerySecurityPackageInfo status %s [%08X]",
GetSecurityStatusString(nla->status), nla->status);
return -1;
}
nla->cbMaxToken = nla->pPackageInfo->cbMaxToken;
nla->status = nla->table->AcquireCredentialsHandle(NULL, NLA_PKG_NAME,
SECPKG_CRED_OUTBOUND, NULL, nla->identity, NULL, NULL, &nla->credentials,
&nla->expiration);
if (nla->status != SEC_E_OK)
{
WLog_ERR(TAG, "AcquireCredentialsHandle status %s [%08X]",
GetSecurityStatusString(nla->status), nla->status);
return -1;
}
nla->haveContext = FALSE;
nla->haveInputBuffer = FALSE;
nla->havePubKeyAuth = FALSE;
ZeroMemory(&nla->inputBuffer, sizeof(SecBuffer));
ZeroMemory(&nla->outputBuffer, sizeof(SecBuffer));
ZeroMemory(&nla->ContextSizes, sizeof(SecPkgContext_Sizes));
/*
* from tspkg.dll: 0x00000132
* ISC_REQ_MUTUAL_AUTH
* ISC_REQ_CONFIDENTIALITY
* ISC_REQ_USE_SESSION_KEY
* ISC_REQ_ALLOCATE_MEMORY
*/
nla->fContextReq = ISC_REQ_MUTUAL_AUTH | ISC_REQ_CONFIDENTIALITY | ISC_REQ_USE_SESSION_KEY;
return 1;
}
int sspi_CopyAuthIdentity(SEC_WINNT_AUTH_IDENTITY* identity, SEC_WINNT_AUTH_IDENTITY* srcIdentity)
{
int status;
if (srcIdentity->Flags & SEC_WINNT_AUTH_IDENTITY_ANSI)
{
status = sspi_SetAuthIdentity(identity, (char*) srcIdentity->User,
(char*) srcIdentity->Domain, (char*) srcIdentity->Password);
if (status <= 0)
return -1;
identity->Flags &= ~SEC_WINNT_AUTH_IDENTITY_ANSI;
identity->Flags |= SEC_WINNT_AUTH_IDENTITY_UNICODE;
return 1;
}
identity->Flags |= SEC_WINNT_AUTH_IDENTITY_UNICODE;
/* login/password authentication */
identity->User = identity->Domain = identity->Password = NULL;
identity->UserLength = srcIdentity->UserLength;
if (identity->UserLength > 0)
{
identity->User = (UINT16*) calloc((identity->UserLength + 1), sizeof(WCHAR));
if (!identity->User)
return -1;
CopyMemory(identity->User, srcIdentity->User, identity->UserLength * sizeof(WCHAR));
identity->User[identity->UserLength] = 0;
}
identity->DomainLength = srcIdentity->DomainLength;
if (identity->DomainLength > 0)
{
identity->Domain = (UINT16*) calloc((identity->DomainLength + 1), sizeof(WCHAR));
if (!identity->Domain)
return -1;
CopyMemory(identity->Domain, srcIdentity->Domain, identity->DomainLength * sizeof(WCHAR));
identity->Domain[identity->DomainLength] = 0;
}
identity->PasswordLength = srcIdentity->PasswordLength;
if (identity->PasswordLength > SSPI_CREDENTIALS_HASH_LENGTH_OFFSET)
identity->PasswordLength -= SSPI_CREDENTIALS_HASH_LENGTH_OFFSET;
if (srcIdentity->Password)
{
identity->Password = (UINT16*) calloc((identity->PasswordLength + 1), sizeof(WCHAR));
if (!identity->Password)
return -1;
CopyMemory(identity->Password, srcIdentity->Password, identity->PasswordLength * sizeof(WCHAR));
identity->Password[identity->PasswordLength] = 0;
}
identity->PasswordLength = srcIdentity->PasswordLength;
/* End of login/password authentication */
return 1;
}
int sspi_CopyAuthIdentity(SEC_WINNT_AUTH_IDENTITY* identity, SEC_WINNT_AUTH_IDENTITY* srcIdentity)
{
int status;
if (identity->Flags == SEC_WINNT_AUTH_IDENTITY_ANSI)
{
status = sspi_SetAuthIdentity(identity, (char*) srcIdentity->User,
(char*) srcIdentity->Domain, (char*) srcIdentity->Password);
if (status <= 0)
return -1;
identity->Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
return 1;
}
identity->Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
identity->User = identity->Domain = identity->Password = NULL;
identity->UserLength = srcIdentity->UserLength;
if (identity->UserLength > 0)
{
identity->User = (UINT16*) malloc((identity->UserLength + 1) * sizeof(WCHAR));
if (!identity->User)
return -1;
CopyMemory(identity->User, srcIdentity->User, identity->UserLength * sizeof(WCHAR));
identity->User[identity->UserLength] = 0;
}
identity->DomainLength = srcIdentity->DomainLength;
if (identity->DomainLength > 0)
{
identity->Domain = (UINT16*) malloc((identity->DomainLength + 1) * sizeof(WCHAR));
if (!identity->Domain)
return -1;
CopyMemory(identity->Domain, srcIdentity->Domain, identity->DomainLength * sizeof(WCHAR));
identity->Domain[identity->DomainLength] = 0;
}
identity->PasswordLength = srcIdentity->PasswordLength;
if (identity->PasswordLength > 256)
identity->PasswordLength /= SSPI_CREDENTIALS_HASH_LENGTH_FACTOR;
if (identity->PasswordLength > 0)
{
identity->Password = (UINT16*) malloc((identity->PasswordLength + 1) * sizeof(WCHAR));
if (!identity->Password)
return -1;
CopyMemory(identity->Password, srcIdentity->Password, identity->PasswordLength * sizeof(WCHAR));
identity->Password[identity->PasswordLength] = 0;
}
identity->PasswordLength = srcIdentity->PasswordLength;
return 1;
}
BOOL ntlm_client_init(rdpNtlm* ntlm, BOOL http, char* user, char* domain, char* password)
{
SECURITY_STATUS status;
sspi_GlobalInit();
#ifdef WITH_NATIVE_SSPI
{
HMODULE hSSPI;
INIT_SECURITY_INTERFACE InitSecurityInterface;
PSecurityFunctionTable pSecurityInterface = NULL;
hSSPI = LoadLibrary(_T("secur32.dll"));
#ifdef UNICODE
InitSecurityInterface = (INIT_SECURITY_INTERFACE) GetProcAddress(hSSPI, "InitSecurityInterfaceW");
#else
InitSecurityInterface = (INIT_SECURITY_INTERFACE) GetProcAddress(hSSPI, "InitSecurityInterfaceA");
#endif
ntlm->table = (*InitSecurityInterface)();
}
#else
ntlm->table = InitSecurityInterface();
#endif
sspi_SetAuthIdentity(&(ntlm->identity), user, domain, password);
if (http)
{
DWORD status;
DWORD SpnLength;
SpnLength = 0;
status = DsMakeSpn(_T("HTTP"), _T("LAB1-W2K8R2-GW.lab1.awake.local"), NULL, 0, NULL, &SpnLength, NULL);
if (status != ERROR_BUFFER_OVERFLOW)
{
_tprintf(_T("DsMakeSpn: expected ERROR_BUFFER_OVERFLOW\n"));
return -1;
}
ntlm->ServicePrincipalName = (LPTSTR) malloc(SpnLength * sizeof(TCHAR));
status = DsMakeSpn(_T("HTTP"), _T("LAB1-W2K8R2-GW.lab1.awake.local"), NULL, 0, NULL, &SpnLength, ntlm->ServicePrincipalName);
}
status = ntlm->table->QuerySecurityPackageInfo(NTLMSP_NAME, &ntlm->pPackageInfo);
if (status != SEC_E_OK)
{
printf("QuerySecurityPackageInfo status: 0x%08X\n", status);
return FALSE;
}
ntlm->cbMaxToken = ntlm->pPackageInfo->cbMaxToken;
status = ntlm->table->AcquireCredentialsHandle(NULL, NTLMSP_NAME,
SECPKG_CRED_OUTBOUND, NULL, &ntlm->identity, NULL, NULL, &ntlm->credentials, &ntlm->expiration);
if (status != SEC_E_OK)
{
printf("AcquireCredentialsHandle status: 0x%08X\n", status);
return FALSE;
}
ntlm->haveContext = FALSE;
ntlm->haveInputBuffer = FALSE;
ZeroMemory(&ntlm->inputBuffer, sizeof(SecBuffer));
ZeroMemory(&ntlm->outputBuffer, sizeof(SecBuffer));
ZeroMemory(&ntlm->ContextSizes, sizeof(SecPkgContext_Sizes));
ntlm->fContextReq = 0;
if (http)
{
/* flags for HTTP authentication */
ntlm->fContextReq |= ISC_REQ_CONFIDENTIALITY;
}
else
{
/**
* flags for RPC authentication:
* RPC_C_AUTHN_LEVEL_PKT_INTEGRITY:
* ISC_REQ_USE_DCE_STYLE | ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH |
* ISC_REQ_REPLAY_DETECT | ISC_REQ_SEQUENCE_DETECT
*/
ntlm->fContextReq |= ISC_REQ_USE_DCE_STYLE;
ntlm->fContextReq |= ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH;
ntlm->fContextReq |= ISC_REQ_REPLAY_DETECT | ISC_REQ_SEQUENCE_DETECT;
}
return TRUE;
}
